top of page

Privacy Policy

1. INTRODUCTION

Omniteam.ai B.V. ("Omniteam.ai", "we", "our", "us") provides an interview‑intelligence platform that helps organisations create job postings, schedule and conduct interviews, and analyse conversations. Because our solution touches both talent teams (Customers) and job applicants (Candidates), this Privacy Policy is written for both audiences.

  • Customers (employers, recruiters and their authorised users) – you are signing up for an Omniteam.ai account, configuring jobs, or reviewing interview data.

  • Candidates – you are applying for a job or joining an interview through a link powered by Omniteam.ai.

We are a private company with limited liability incorporated in the Netherlands (KvK [97929689]). If you have any questions, contact info@omniteam.ai 

 

2. HOW THIS POLICY WORKS

Our privacy obligations differ depending on whose data we are handling:

​

  1. Platform & account data

    What it covers – administrator profiles, login credentials, feature-usage logs, analytics dashboards.

    Who’s in charge – Omniteam.ai is the data controller.

    Your privacy contact – reach out to info@omniteam.ai for any access, correction or deletion request.

  2. Candidate application & interview data

    What it covers – CVs, screening answers, interview recordings, transcripts and AI insights.

    Who’s in charge – the hiring organisation that invited the candidate is the data controller; Omniteam.ai acts only as its processor/service-provider.

    Your privacy contact – please contact the hiring organisation first; we’ll help them respond.

  3. Diagnostics, anti-fraud & security telemetry

    What it covers – IP addresses, browser/device details, latency metrics captured to keep calls secure and reliable.

    Who’s in charge – Omniteam.ai is the data controller.

    Your privacy contact – again, email privacy@omniteam.ai for any data-subject request.

 

In short: when you’re dealing with platform housekeeping or technical telemetry, talk to us; when it’s your application or interview content, the hiring company is your primary point of contact and we support them behind the scenes.​​​​​​​

 

3. PERSONAL DATA WE COLLECT

3.1 Data provided by Customers

  • Account details: name, job title, business email/phone, password hash, MFA seed.

  • Organisation data: company name, billing address, VAT number.

  • Job data: job titles, descriptions, hiring stages, interview kits.

  • Interview artefacts: notes, ratings, tags added by interviewers.

3.2 Data provided by Candidates

  • Application data: CV/résumé, cover letter, answers to screening questions, portfolio links.

  • Interview data: live audio/video stream, screen share, chat, automatically generated transcript and AI highlights (e.g., key topics, talk‑time ratios).

3.3 Data collected automatically

  • Usage logs: IP address, device/browser type, pages viewed, feature clicks, authentication events.

  • Call diagnostics: packet‑loss rate, jitter, frame rate (to troubleshoot call quality).

  • Cookie identifiers and similar technologies (see Section 10).

We do not intentionally collect special‑category data. If Customers or Candidates reveal such data in an interview, it is processed only on the Customer’s documented instructions and protected with additional controls.

 

4. LEGAL BASES FOR PROCESSING (EU/EEA)

The GDPR requires a clear lawful basis for every personal‑data activity. Throughout this Policy we reference these bases using the regulation’s formal citations — for example, Article 6(1)(b) GDPR – Contractual necessity. The full list is:

  • Article 6(1)(a) GDPR – Consent

  • Article 6(1)(b) GDPR – Contractual necessity

  • Article 6(1)(c) GDPR – Legal obligation

  • Article 6(1)(f) GDPR – Legitimate interests Other sub‑paragraphs ((d) Vital interests, (e) Public task) are not used by Omniteam.ai.

​

Operate the platform for customers

 

Data we need – customer-admin profiles, company details, job information.

Why we’re allowed – the data are necessary to perform our contract with you (Article 6 (1)(b) GDPR).

 

 

Provide and record interviews for customers

 

Data we handle – candidate CVs, application answers, audio/video recordings, transcripts and AI insights.

Our role – processor under Article 28 GDPR; the hiring organisation is the controller. They usually rely on contractual necessity or legitimate interests under Article 6 (1)(b) or (1)(f).

 

 

Troubleshoot, secure and prevent fraud

 

Data we look at – usage logs, IP address, browser/device details, call-quality metrics.

Legal basis – legitimate interests in keeping the service reliable and secure (Article 6 (1)(f)).

 

 

Product analytics and model improvement

 

Data we use – aggregated or pseudonymised usage statistics and interview metadata.

Legal basis – our legitimate interest in improving features and AI models (Article 6 (1)(f)).

 

 

Marketing to prospects

 

Data we use – marketing cookies, newsletter subscription lists.

Legal basis – your consent (Article 6 (1)(a)). You can withdraw it at any time.

 

 

Compliance and bookkeeping

 

Data we keep – billing and invoicing records.

Legal basis – legal obligation under Dutch tax and accounting rules (Article 6 (1)(c)).

​

​

For legitimate‑interest processing we have carried out balancing tests and will share them on request.

 

5. HOW WE USE PERSONAL DATA

5.1 If you are a Customer user

We use your data to create and secure your account, provide core features (job creation, interview scheduling, analytics dashboards), respond to support requests, send product updates and – if you opt‑in – marketing emails.

5.2 If you are a Candidate

Your prospective employer decides why your data are processed (e.g., to assess your suitability). We merely supply the tooling. Concretely we:

  1. Capture your application form, uploaded CV and any screening answers.

  2. Record & transcribe your interview if the employer enables recording. You will see a clear on‑screen notice and can leave the session before recording starts.

  3. Process the recording for searchable playback, speaker separation and optional AI insights requested by the employer.

  4. Store the resulting artefacts in EU data centres for the retention period set by the employer (default 24 months, configurable 1–36 months).

  5. Delete or return data when the employer instructs us or when the retention period expires.

We also generate minimal diagnostic logs (IP, jitter, dropped frames) to maintain call quality; for this subset Omniteam.ai is controller (Art 6(1)(f)).

 

6. DISCLOSURE OF PERSONAL DATA

We share personal data only with

  • Authorised sub‑processors listed at https://omniteam.ai/dpa (all EU‑based at the time of writing), each under an Art 28 agreement;

  • Third‑party integrations you enable (e.g., ATS, calendar, video‑conferencing bridge);

  • Professional advisers & authorities where required by law or to protect rights;

  • Successor entities in the event of a merger or acquisition (you will be notified).

We never sell personal data.

 

7. INTERNATIONAL TRANSFERS

Primary hosting is in Microsoft Azure West Europe (Netherlands) and North Europe (Ireland). If a sub‑processor is located outside the EEA, transfers are safeguarded by an adequacy decision or Standard Contractual Clauses + supplementary measures (encryption at rest & in transit, strict role‑based access).

 

8. RETENTION

We keep different categories of data for different periods:

  • Customer-account data – retained for the life of your contract plus seven (7) years to satisfy Dutch bookkeeping laws.

  • Candidate application & interview data – stored for the period set by the hiring organisation; the default is 24 months, but customers can shorten or extend it (1–36 months).

  • Diagnostic logs (IP addresses, browser details, latency metrics) – kept for 12 months to help us troubleshoot and secure the platform.

  • Marketing lists – retained until you withdraw consent or, if you go inactive, 24 months after your last interaction.

​

 

Back‑ups are kept for 30 days before secure destruction.

 

9. SECURITY MEASURES

We protect candidate data through layered administrative, technical and physical controls that preserve its confidentiality, integrity and availability. Safeguards include data encryption, controlled-access procedures and periodic security assessments.

 

 

10. COOKIES & SIMILAR TECHNOLOGIES

Our Site uses:

  • Strictly‑necessary cookies – account authentication, load balancing.

  • Analytics cookies – first‑party; help us understand feature adoption. Can be disabled via the cookie banner.

  • Marketing cookies – set only if you opt‑in.

A full cookie table is available in our Cookie Notice.

 

11. YOUR RIGHTS

Under GDPR you can request access, rectification, deletion, restriction, portability and objection. If we are controller (Sections 3 & 4), email info@omniteam.ai. If we are processor for your Candidate data, contact the hiring organisation first; we will assist them.

You can also complain to the Dutch Supervisory Authority (Autoriteit Persoonsgegevens) or to your local authority.

 

12. CHILDREN

Our Services are not directed at children under 16. If you believe we have unintentionally processed a child’s data, contact us and we will delete it.

 

13. CHANGES

We will update this Privacy Policy from time to time. Material changes will be notified at least 30 days in advance by email or in‑product banner.

 

14. CONTACT

Omniteam.ai B.V.
Valeriusstraat 70 2,

1071 MN Amsterdam
The Netherlands
Email: info@omniteam.ai

bottom of page